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Topic 1, Governance, Risk, Compliance 


Question: 1 


Credit card information, medical data, and government records are all examples of: 


A. Confidential/Protected Information 
B. Bodily Information 

C. Territorial Information 

D. Communications Information 


Answer: A 


Explanation: 


Question: 2 


The establishment of a formal risk management framework and system authorization program is 
essential. The LAST step of the system authorization process is: 


A. Contacting the Internet Service Provider for an IP scope 

B. Getting authority to operate the system from executive management 

C. Changing the default passwords 

D. Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities 


Answer: B 


Explanation: 


Question: 3 


The single most important consideration to make when developing your security program, policies, 
and processes is: 


A. Budgeting for unforeseen data compromises 

B. Streamlining for efficiency 

C. Alignment with the business 

D. Establishing your authority as the Security Executive 


Answer: C 


Explanation: 
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Question: 4 


An organization's Information Security Policy is of MOST importance because 


A. it communicates management’s commitment to protecting information resources 
B. it is formally acknowledged by all employees and vendors 

C. it defines a process to meet compliance requirements 

D. it establishes a framework to protect confidential information 


Answer: A 


Explanation: 


Question: 5 


Developing effective security controls is a balance between: 


A. Risk Management and Operations 

B. Corporate Culture and Job Expectations 
C. Operations and Regulations 

D. Technology and Vendor Management 


Answer: A 


Explanation: 
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